"I trust the telecom operators more... than the UK's clueless and hapless Home Office."

by Dean Bubley | posted on 23 May 2008

First off, let me say that I like feeling secure; and believe me, living slap back in the middle of central London I'm acutely aware of the risks of terrorism.

But the proposals being considered by the UK government to build a central database of of phone calls and emails are as scary, as they are ridiculous. Now I suspect that (initially) the main task will just be collecting call-detail records and IP addresses & email headers, rather than the full content of voice calls and email bodies & attachments.

I don't have a problem with police accessing call records, or cell tower locations, in order to investigate crime. I don't mind them tapping the calls of suspects, or even applying some sort of pattern-recognition algorithms to suspicious-looking "networks" of people. They probably do this already, and within reason I don't mind the process being made more efficient.

But frankly, on this occasion I trust the telecom operators to be more secure with the data than the UK's clueless and hapless Home Office. Given recent data losses, and evidence of abuses of the existing powers to examine electronic records for petty bureaucratic reasons, the current administration's record on these matters is execrable.

The excuse - that this is just a way to implement the EU's rules on harmonised record-keeping - frankly, that's a cop-out as well.

While I recognise that there is useful security information to be gleaned from aggregate data sets like this, this needs to be set against the negatives of untrustworthy and sometimes downright malicious oversight of that data. And in any case, any serious terrorist is able to use a hundred and one  techniques to circumvent this - from encryption to steganography to anonymous remailers, and a bunch of other things I'm not going to write about on a public blog. Yes, some patterns might emerge after an event, enabling associates to be traced more quickly.

But even that doesn't offset the much greater risks from information misuse.

I'm personally willing to accept a modicum more risk to my safety, set against the much greater threat to my liberty.

The current UK Government is one of the world's worst offenders in assuming that "risk management" is the same as "risk minimisation", and that its citizens will accept any tyrannical methods proposed in the name of security.

I'm looking forward to it getting its well-deserved kicking in upcoming elections.

Technorati tags:   
Terror is the lower risk - You can discuss this article on our discussion board.
Dean Bubley is the Founder of Disruptive Analysis, an independent technology industry analyst and consulting firm.